Last Comment Bug 174042 - addbuiltin tool does not generate issuer and serial number in trust object
: addbuiltin tool does not generate issuer and serial number in trust object
Status: RESOLVED FIXED
:
Product: NSS
Classification: Components
Component: Tools (show other bugs)
: 3.6
: All All
: -- normal (vote)
: 3.6.1
Assigned To: Julien Pierre
: Bishakha Banerjee
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2002-10-11 16:07 PDT by Julien Pierre
Modified: 2002-10-22 11:38 PDT (History)
6 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Add issuer & sn to trust object so that generated output is valid for NSS 3.6+ (795 bytes, patch)
2002-10-11 16:43 PDT, Julien Pierre
wtc: review+
Details | Diff | Splinter Review

Description Julien Pierre 2002-10-11 16:07:39 PDT
Currently, in NSS_3_6_BRANCH, including the RTM, and on the tip, addbuiltin is
broken. It generates output that does not have the issuer serial number in the
trust object.

These are now required in NSS 3.6 due to a new optimization.

This is what bit us for the AOL roots, and bit us again for the TC trustcenter
roots.

The addbuiltin tool needs to be updated before it can be used again without
having to manually patch the output.
Comment 1 Julien Pierre 2002-10-11 16:43:18 PDT
Created attachment 102633 [details] [diff] [review]
Add issuer & sn to trust object so that generated output is valid for NSS 3.6+
Comment 2 Julien Pierre 2002-10-11 16:44:13 PDT
I tested the attached patch to regenerate the TC Trustcenter root, and it
worked. The output was generated correctly with the trust, and the resulting DLL
had the new roots trusted in Mozilla.
Comment 3 Julien Pierre 2002-10-11 18:11:58 PDT
Checked in to the tip :

Checking in addbuiltin.c;
/cvsroot/mozilla/security/nss/cmd/addbuiltin/addbuiltin.c,v  <--  addbuiltin.c
new revision: 1.4; previous revision: 1.3
done

Also on 3.6 branch :

Checking in addbuiltin.c;
/cvsroot/mozilla/security/nss/cmd/addbuiltin/addbuiltin.c,v  <--  addbuiltin.c
new revision: 1.3.54.1; previous revision: 1.3
done
Comment 4 Kai Engert (:kaie) 2002-10-21 18:05:58 PDT
I suggest to land this patch on the client tag, so the tools included in the
source snapshot for Mozilla 1.2 will be correct.
Comment 5 Julien Pierre 2002-10-21 18:20:13 PDT
Kai,

Technically, this patch was made in 3.6.1, which is still being worked on.
Wan-Teh, do we want to tag this patch with NSS_CLIENT_TAG ?
This would mean that the client tag would be slightly past NSS_3_6_RTM .
Comment 6 Wan-Teh Chang 2002-10-22 11:36:48 PDT
The Mozilla client doesn't need this patch for addbuiltin
but eventually NSS_CLIENT_TAG will be based on the
NSS_3_6_BRANCH and pick up this fix.
Comment 7 Wan-Teh Chang 2002-10-22 11:38:31 PDT
Comment on attachment 102633 [details] [diff] [review]
Add issuer & sn to trust object so that generated output is valid for NSS 3.6+

r=wtc.

Note You need to log in before you can comment on or make changes to this bug.